Hitachi Energy MicroSCADA X SYS600 10.4

CPE Details

Hitachi Energy MicroSCADA X SYS600 10.4
hitachienergy
microscada_x_sys600
10.4
2022-10-05
11h39 +00:00
2022-10-05
11h45 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*

Informations

Vendor

hitachienergy

Product

microscada_x_sys600

Version

10.4

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-7940 2024-08-27 12h52 +00:00 The product exposes a service that is intended for local only to all network interfaces without any authentication.
9.8
Critique
CVE-2024-3982 2024-08-27 12h47 +00:00 An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator rights can enable it.
8.2
Haute
CVE-2024-3980 2024-08-27 12h42 +00:00 The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application.
9.9
Critique
CVE-2024-4872 2024-08-27 12h37 +00:00 A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential.
9.9
Critique
CVE-2022-3388 2022-11-20 23h00 +00:00 An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.
8.8
Haute